20 matches found
BELL-CVE-2023-53786
Bulletin has no description...
CVE-2023-53786
In the Linux kernel, the following vulnerability has been resolved: dm flakey: fix a crash with invalid table line This command will crash with NULL pointer dereference: dmsetup create flakey --table \ "0 blockdev --getsize /dev/ram0 flakey /dev/ram0 0 0 1 2 corruptbiobyte 512" Fix the crash by...
CVE-2023-53786
In the Linux kernel, the following vulnerability has been resolved: dm flakey: fix a crash with invalid table line This command will crash with NULL pointer dereference: dmsetup create flakey --table \ "0 blockdev --getsize /dev/ram0 flakey /dev/ram0 0 0 1 2 corruptbiobyte 512" Fix the crash by...
CVE-2023-53786
In the Linux kernel, the following vulnerability has been resolved: dm flakey: fix a crash with invalid table line This command will crash with NULL pointer dereference: dmsetup create flakey --table \ "0 blockdev --getsize /dev/ram0 flakey /dev/ram0 0 0 1 2 corruptbiobyte 512" Fix the crash by...
EUVD-2025-23857
Malicious code in bioql PyPI...
Microsoft Exchange Server Hybrid Deployment Elevation of Privilege Vulnerability
On April 18th 2025, Microsoft announced Exchange Server Security Changes for Hybrid Deployments and accompanying non-security Hot Fix. Microsoft made these changes in the general interest of improving the security of hybrid Exchange deployments. Following further investigation, Microsoft identifi...
Security Updates for Microsoft Exchange Server (August 2025)
The Microsoft Exchange Server installed on the remote host is missing a security update. It is, therefore, affected by multiple vulnerabilities as referenced in the August, 2025 security bulletin. - Exposure of sensitive information to an unauthorized actor in Microsoft Exchange Server allows an...
CVE-2025-53786
On April 18th 2025, Microsoft announced Exchange Server Security Changes for Hybrid Deployments and accompanying non-security Hot Fix. Microsoft made these changes in the general interest of improving the security of hybrid Exchange deployments. Following further investigation, Microsoft identifi...
CISA Issues ED 25-02: Mitigate Microsoft Exchange Vulnerability
Today, CISA issued Emergency Directive ED 25-02: Mitigate Microsoft Exchange Vulnerability in response to CVE-2025-53786link is external, a vulnerability in Microsoft Exchange server hybrid deployments. ED 25-02 directs all Federal Civilian Executive Branch FCEB agencies with Microsoft Exchange...
Microsoft Discloses Exchange Server Flaw Enabling Silent Cloud Access in Hybrid Setups
Microsoft has released an advisory for a high-severity security flaw affecting on-premise versions of Exchange Server that could allow an attacker to gain elevated privileges under certain conditions. The vulnerability, tracked as CVE-2025-53786 , carries a CVSS score of 8.0. Dirk-jan Mollema wit...
CVE-2025-53786
creationtimestamp| type| source ---|---|--- 2025-08-06 23:39:04+00:00| seen| https://t.me/ctinow/236108 2025-08-06 23:52:05+00:00| seen| https://bsky.app/profile/cyfi-alerts.bsky.social/post/3lvrg5m4k5k2t 2025-08-06 23:52:15+00:00| seen|...
CVE-2025-53786
On April 18th 2025, Microsoft announced Exchange Server Security Changes for Hybrid Deployments and accompanying non-security Hot Fix. Microsoft made these changes in the general interest of improving the security of hybrid Exchange deployments. Following further investigation, Microsoft identifi...
CVE-2025-53786
On April 18th 2025, Microsoft announced Exchange Server Security Changes for Hybrid Deployments and accompanying non-security Hot Fix. Microsoft made these changes in the general interest of improving the security of hybrid Exchange deployments. Following further investigation, Microsoft identifi...
CVE-2025-53786 Microsoft Exchange Server Hybrid Deployment Elevation of Privilege Vulnerability
...
CVE-2025-53786
CVE-2025-53786 is a high-severity issue affecting on-premises Microsoft Exchange Server in hybrid deployments. The connected documents confirm a privilege-escalation path tied to Exchange Hybrid configurations that can impact Exchange Online identity integrity. Remediation/mitigation relies on in...
CVE-2025-53786 Microsoft Exchange Server Hybrid Deployment Elevation of Privilege Vulnerability
...
CVE-2024-53786
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Codeless Cowidgets – Elementor Addons cowidgets-elementor-addons allows Stored XSS.This issue affects Cowidgets – Elementor Addons: from n/a through = 1.2.0...
CVE-2024-53786 WordPress Cowidgets – Elementor Addons plugin <= 1.2.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Codeless Cowidgets – Elementor Addons allows Stored XSS.This issue affects Cowidgets – Elementor Addons: from n/a through 1.2.0...
CVE-2024-53786 WordPress Cowidgets – Elementor Addons plugin <= 1.2.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Codeless Cowidgets – Elementor Addons cowidgets-elementor-addons allows Stored XSS.This issue affects Cowidgets – Elementor Addons: from n/a through = 1.2.0...
CVE-2024-53786
CVE-2024-53786 affects WordPress plugin Cowidgets – Elementor Addons (versions <= 1.2.0). The issue is an improper input neutralization during web page generation, enabling Stored XSS. Public disclosures in the provided documents confirm the vulnerability as stored XSS affecting this plugin ve...